On Thu, Mar 24, 2016 at 1:51 AM, David G <[email protected]> wrote:

> Hi All,
>
> There has been some discussion on IRC today regarding options for running
> LedgerSMB (httpd) and how/what System User to run as.
>
> The long and the short of it is the following proposal.
> If you have any thoughts or suggestions could you please comment before we
> start implementing the changes.
>
> We believe items 1-3 NEED to happen, the remaining items SHOULD happen
> depending on your responses
>
>    1. Only ever run LedgerSMB using Starman (High-performance preforking
>    PSGI/Plack web server)
>    2. Only ever bind Starman to localhost
>    3. Always reverse proxy Starman port with either NGINX (preferred) or
>    Apache
>
One concern I have is that I am not entirely sure that we can effectively
test well in this sort of environment.  We've had bugs in this corner, so I
think in terms of a roadmap forward, it would be good to keep this
experimental for a little bit.

>
>    1. At installation create a system user "*ledgersmb*"
>    2. At installation create a system group "*ledgersmb-admin*"
>    3. all LedgerSMB files should be installed in a single versioned
>    directory (eg: /usr/share/ledgersmb-1.4.26 or /opt/ledgersmb-1.4.26)
>    4. the install directory and contents should be owned by user
>    *ledgersmb* and group *ledgersmb-admin*
>    5. the install directory and contents should have the following
>    permissions
>
>    For Executable files (s--r-xrw---- | 4560)
>       - r - x for owner
>       - r w - for group
>       - - - - for other
>
>    For Non Executable files (r--rw---- | 460)
>       - r - - for owner
>       - r w - for group
>       - - - - for other
>
>    For Directories (-s-r-xrw---- | 2560)
>       - r - x for owner
>       - r w - for group
>       - - - - for other
>
>    6. The temp dir configured in ledgersmb.conf will need to be owned
>    by user *ledgersmb* and group *ledgersmb-admin*
>    7. The temp dir would need these permissions (sstrwxrwx--- | 7777)
>       - - - s for flags
>       - r w x for owner
>       - r w x for group
>       - - - - for other
>    8. Any system users that need to be able to modify files in the
>    LedgerSMB dir's would need to have *ledgersmb-admin* added to their
>    groups.
>
>
> Information on the permissions can be found in the following man pages and
> links
>
>    - CHMOD(1)
>    - CHMOD(2)
>    - UNLINK(2)
>    - how-do-directory-permissions-in-linux-work
>    <http://unix.stackexchange.com/questions/21251/how-do-directory-permissions-in-linux-work>
>    Look at Baldrick's answer it is the best summary
>
>
> Running LedgerSMB using Starman and a reverse caching proxy like nginx has
> significant performance benefits due to both the way Starman preforks and
> handles Perl assets, and the static asset caching offered by the proxy.
> There is an additional benefit to running via Starman, it is less likely
> that an error in a latex template (for example) will cause a hard failure.
> This has recently been shown to be an issue with the current debian
> package for 1.4.25 available from our repository http://apt.ledgersmb.org
>
> Running as a specific system user improves security, and assists with
> running multiple instances on the same system.
> The restricted permissions take this a step further to make it harder for
> things to be broken or attacked by other processes on the system.
>
> Keeping everything from the LedgerSMB tree in a single folder instead of
> splitting among multiple system dir locations is necessary for running
> multiple instances on a system, especially if there will be more than one
> version of the code.
> I am certain there are ways to work around that, but simplicity is often
> the best solution.
> Things like the docs dir can have a symlink
> /usr/share/doc/ledgersmb-1.4.25 that point to the real dir
> The same goes for manpages if we want to.
> NOTE: for an official debian package (in the debian.org archives) we may
> have to split things up to comply with their policy, but there is precedent
> not to.
> Also as debian doesn't allow version updates to packages for the life of a
> release Official Packages for LedgerSMB are of minimal benefit.
> We are better to point people at our own repository.
>
>
> Regards
> David G
>
>
>
>
>
> _______________________________________________
> Ledger-smb-devel mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/ledger-smb-devel
>
>


-- 
Best Wishes,
Chris Travers

Efficito:  Hosted Accounting and ERP.  Robust and Flexible.  No vendor
lock-in.
http://www.efficito.com/learn_more
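
An added example, not part of either message and not LedgerSMB code: a Python audit for the ownership and "no access for other" rules in the quoted proposal, which also decodes the octal values exactly as quoted. The function names and the numeric uid/gid arguments are assumptions; on a real host, resolve *ledgersmb* and *ledgersmb-admin* to ids with `pwd.getpwnam` and `grp.getgrnam`.

```python
import os
import stat

# Octal values exactly as quoted in the proposal (assumed to be chmod modes).
PROPOSED = {"executable": 0o4560, "non-executable": 0o460,
            "directory": 0o2560, "temp dir": 0o7777}

def describe(mode):
    """Render a mode as the rwx string ls would show (file type char dropped)."""
    return stat.filemode(mode)[1:]

def other_bits(mode):
    """Permission bits granted to users outside the owner and group."""
    return mode & stat.S_IRWXO

def audit_tree(root, uid, gid):
    """Return (path, problem) pairs for entries that break the ownership rule
    or grant any access to 'other'. Symlinks are skipped, not followed."""
    findings = []
    paths = [root]
    for dirpath, dirnames, filenames in os.walk(root):
        paths += [os.path.join(dirpath, n) for n in dirnames + filenames]
    for path in paths:
        st = os.lstat(path)
        if stat.S_ISLNK(st.st_mode):
            continue
        if (st.st_uid, st.st_gid) != (uid, gid):
            findings.append((path, "owner %d:%d" % (st.st_uid, st.st_gid)))
        if other_bits(st.st_mode):
            findings.append((path, "other access " + describe(st.st_mode)))
    return findings

if __name__ == "__main__":
    # Show what each quoted octal value grants once applied with chmod.
    for name, mode in PROPOSED.items():
        print("%-15s %04o %s other=%o"
              % (name, mode, describe(mode), other_bits(mode)))
```

Running the file prints the symbolic form of each quoted mode next to its "other" bits, so a numeric mode can be compared with the per-class breakdown before it goes into a package script.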